Uploading a large file to Jira API add attachment failing with a 401 error

XMLWordPrintable

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Low
    • Component/s: Issue - Backend
    • None
    • 7
    • Minor
    • 8

      Issue Summary

      Uploading a large file to Jira API method add attachment results in a 401 unauthorized error.

      Steps to Reproduce

      1. Generate a dummy file with size of 601mb.
      2. Having all the prerequisites to add attachments to an issue, run the following command:
      3. Wait for the request to finish, check HTTP status code returned

      Expected Results

      File added to the issue as intended

      Actual Results

      HTTP status code 401 error is returned after the large file is sent. Note: the wrong authentication possibility is discarded after using the same request with a much smaller file, 1mb for example and getting a proper 200 HTTP status code just fine.

      time curl -n -X POST -H "X-Atlassian-Token: no-check" -F "file=@601mbtestfile.dat" https://yourinstance.atlassian.net/rest/api/3/issue/TEST-1/attachments -vv

Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 18.234.32.175...
* TCP_NODELAY set
* Connected to yourinstance.atlassian.net (18.234.32.175) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Atlassian Network Services, Inc.; CN=*.atlassian.net
*  start date: Nov 28 00:00:00 2019 GMT
*  expire date: Jan 18 12:00:00 2022 GMT
*  subjectAltName: host "yourinstance.atlassian.net" matched cert's "*.atlassian.net"
*  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 High Assurance Server CA
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Server auth using Basic with user 'user@domain.com'
* Using Stream ID: 1 (easy handle 0x7ffb6600f600)
> POST /rest/api/3/issue/TEST-1/attachments HTTP/2
> Host: yourinstance.atlassian.net
> Authorization: Basic hash
> User-Agent: curl/7.64.1
> Accept: */*
> X-Atlassian-Token: no-check
> Content-Length: 630194385
> Content-Type: multipart/form-data; boundary=------------------------6ddff7695827d2e5
> 
* Connection state changed (MAX_CONCURRENT_STREAMS == 200)!
* We are completely uploaded and fine
< HTTP/2 401 
< server: AtlassianProxy/1.15.8.1
< www-authenticate: OAuth realm="https%3A%2F%2Fyourinstance.atlassian.net"
< content-type: text/html;charset=UTF-8
< strict-transport-security: max-age=315360000; includeSubDomains; preload
< date: Mon, 21 Dec 2020 13:59:43 GMT
< atl-traceid: 5ce486f4ed6f6894
< x-arequestid: c5c1c42a-016e-43d2-aa0f-b35c21873d4a
< x-xss-protection: 1; mode=block
< timing-allow-origin: *
< x-envoy-upstream-service-time: 128
< x-content-type-options: nosniff
< expect-ct: report-uri="https://web-security-reports.services.atlassian.com/expect-ct-report/global-proxy", enforce, max-age=86400
< 









<html>

<head>
    <title>Unauthorized (401)</title>
    





<!--[if IE]><![endif]-->
<script type="text/javascript" >
    var contextPath = '';
    var DeferScripts = { deferState: 'disabled' };
</script>
<script>
window.WRM=window.WRM||{};window.WRM._unparsedData=window.WRM._unparsedData||{};window.WRM._unparsedErrors=window.WRM._unparsedErrors||{};
WRM._unparsedData["com.atlassian.plugins.atlassian-plugins-webresource-plugin:context-path.context-path"]="\"\"";
WRM._unparsedData["com.atlassian.plugins.atlassian-plugins-webresource-rest:curl.cross-origin-resources"]="false";
WRM._unparsedData["jira.webresources:feature-flags.feature-flag-data"]="{\"enabled-feature-keys\":[\"com.atlassian.jira.projects.issuenavigator\",\"connect.no-applinks\",\"nps.survey.inline.dialog\",\"atlassian.aui.raphael.disabled\",\"com.atlassian.jira.projects.ProjectCentricNavigation.Switch\"],\"feature-flag-states\":{\"jira.feature.flag.board.issue.modal.labs\":true,\"com.atlassian.jira.plugins.mail.internal\":false,\"com.atlassian.jira.feature.flag.for.TestFeatureFlagResource\":false,\"jira.instrumentation.laas\":false,\"jira.feature.rest.single.step.avatar.upload\":true,\"jira.ondemand.maintain.trusted.apps\":true}}";
WRM._unparsedData["com.atlassian.jira.jira-client-analytics-plugin:analytics-context-provider.client-analytic-descriptors"]="{\"analyticsResource\":{\"jira-core\":{\"events\":{\"issue.comment.added\":{\"trigger\":\"click #issue-comment-add-submit\",\"properties\":{\"comment-length\":\"value.length #issue-comment-add #comment\"}}}}},\"tenantId\":\"9b058aee-8b9c-4539-9af2-811d5c4da70d\",\"env\":\"prod\"}";
WRM._unparsedData["jira.webresources:default-comment-security-level.DefaultCommentSecurityLevelHelpLink"]="{\"extraClasses\":\"default-comment-level-help\",\"title\":\"Commenting on an Issue\",\"url\":\"https://confluence.atlassian.com/display/JIRACORECLOUD/Editing+and+collaborating+on+issues#Editingandcollaboratingonissues-addcommentsCommentingonissues\",\"isLocal\":false}";
WRM._unparsedData["jira.webresources:key-commands.shortcuts"]="[{\"moduleKey\":\"go-to-dashboard-kb-shortcut\",\"keys\":[[\"g\",\"d\"]],\"context\":\"global\",\"op\":\"goTo\",\"param\":\"/secure/Dashboard.jspa\"},{\"moduleKey\":\"browse-project-kb-shortcut\",\"keys\":[[\"g\",\"p\"]],\"context\":\"global\",\"op\":\"execute\",\"param\":\"var elem = jQuery(\\\"#browse_link\\\");\\n                if (elem.length \u003e 0) {\\n                    window.location.href = elem.attr(\\\"href\\\");\\n                }\"},{\"moduleKey\":\"issue-navigator-kb-shortcut\",\"keys\":[[\"g\",\"i\"]],\"context\":\"global\",\"op\":\"execute\",\"param\":\"var elem = jQuery(\\\"#find_link\\\");\\n                if (elem.length \u003e 0) {\\n                    window.location.href = elem.attr(\\\"href\\\");\\n                }\"},{\"moduleKey\":\"admin.quicksearch.dialog.shortcut\",\"keys\":[[\"g\",\"g\"]],\"context\":\"global\",\"op\":\"execute\",\"param\":\"JIRA.Shifter.show();\"},{\"moduleKey\":\"quicksearch\",\"keys\":[[\"/\"]],\"context\":\"global\",\"op\":\"moveToAndFocus\",\"param\":\"#quickSearchInput, #admin-quick-nav-field\"},{\"moduleKey\":\"create.issue\",\"keys\":[[\"c\"]],\"context\":\"global\",\"op\":\"moveToAndClick\",\"param\":\"#header .create-issue\"},{\"moduleKey\":\"shifter\",\"keys\":[[\".\"]],\"context\":\"global\",\"op\":\"execute\",\"param\":\"JIRA.Shifter.show();\"},{\"moduleKey\":\"help\",\"keys\":[[\"?\"]],\"context\":\"global\",\"op\":\"click\",\"param\":\"#keyshortscuthelp\"}]";
WRM._unparsedData["com.atlassian.plugins.atlassian-connect-plugin:dialog-options.data"]="{\"allJsVersion\":\"1.3.4\",\"dialogOptions\":{\"com.atlassian.jira.spreadsheets__open-in-excel\":{\"height\":\"280px\",\"chrome\":false,\"width\":\"480px\"},\"com.atlassian.jira.spreadsheets__open-in-gsheets\":{\"height\":\"280px\",\"chrome\":false,\"width\":\"480px\"}},\"inlineDialogOptions\":{},\"dialogModules\":{\"atlassian-outlook-integration\":{\"email-deletion-confirmation-dialog\":{\"cacheable\":false,\"options\":{\"height\":\"148px\",\"width\":\"400px\"},\"key\":\"email-deletion-confirmation-dialog\"},\"email-view-dialog\":{\"cacheable\":false,\"options\":{\"size\":\"maximum\"},\"key\":\"email-view-dialog\"}},\"stspg-jira-ops\":{\"unlink-incident\":{\"cacheable\":false,\"options\":{\"height\":\"232\",\"chrome\":false,\"width\":\"432\"},\"key\":\"unlink-incident\"}},\"com.atlassian.jira.emcee\":{\"in-product-install-dialog\":{\"cacheable\":false,\"options\":{\"size\":\"large\",\"chrome\":false},\"key\":\"in-product-install-dialog\"}}}}";
WRM._unparsedData["com.atlassian.plugins.atlassian-connect-plugin:jira-date-picker-widget.config"]="{\"dateFormat\":\"%e/%b/%y\",\"dateTimeFormat\":\"%e/%b/%y %I:%M %p\",\"timeFormat\":\"12\",\"firstDay\":1,\"useISO8601WeekNumbers\":false}";
WRM._unparsedData["jira.webresources:dateFormatProvider.dateFormat"]="{\"meridiem\":[\"AM\",\"PM\"],\"eras\":[\"BC\",\"AD\"],\"months\":[\"January\",\"February\",\"March\",\"April\",\"May\",\"June\",\"July\",\"August\",\"September\",\"October\",\"November\",\"December\"],\"monthsShort\":[\"Jan\",\"Feb\",\"Mar\",\"Apr\",\"May\",\"Jun\",\"Jul\",\"Aug\",\"Sep\",\"Oct\",\"Nov\",\"Dec\"],\"weekdaysShort\":[\"Sun\",\"Mon\",\"Tue\",\"Wed\",\"Thu\",\"Fri\",\"Sat\"],\"weekdays\":[\"Sunday\",\"Monday\",\"Tuesday\",\"Wednesday\",\"Thursday\",\"Friday\",\"Saturday\"]}";
WRM._unparsedData["com.atlassian.servicedesk.frontend-webpack-plugin:data-provider.webpack-meta"]="{\"locale\":\"en-US\",\"publicPath\":\"//d2wt7wi2i4g2f9.cloudfront.net/atl-vertigo--shard-jira-prod-us-26--2--jres.atlassian.net/s/o2joag/b/24/55cb54c36feb84f282585d9cb0cc47a274512f72/_/download/resources/com.atlassian.servicedesk.frontend-webpack-plugin:webpack-async-chunks/\"}";
WRM._unparsedData["com.atlassian.applinks.applinks-plugin:applinks-common-exported.applinks-types"]="{\"crowd\":\"Crowd\",\"confluence\":\"Confluence\",\"remote.plugin.container\":\"Atlassian Connect\",\"fecru\":\"FishEye / Crucible\",\"stash\":\"Bitbucket Server\",\"jira\":\"JIRA\",\"bamboo\":\"Bamboo\",\"generic\":\"Generic Application\"}";
WRM._unparsedData["com.atlassian.applinks.applinks-plugin:applinks-common-exported.entity-types"]="{\"singular\":{\"fecru.project\":\"Crucible Project\",\"fecru.repository\":\"FishEye Repository\",\"stash.project\":\"Bitbucket Server Project\",\"generic.entity\":\"Generic Project\",\"confluence.space\":\"Confluence Space\",\"bamboo.project\":\"Bamboo Project\",\"jira.project\":\"JIRA Project\"},\"plural\":{\"fecru.project\":\"Crucible Projects\",\"fecru.repository\":\"FishEye Repositories\",\"stash.project\":\"Bitbucket Server Projects\",\"generic.entity\":\"Generic Projects\",\"confluence.space\":\"Confluence Spaces\",\"bamboo.project\":\"Bamboo Projects\",\"jira.project\":\"JIRA Projects\"}}";
WRM._unparsedData["com.atlassian.applinks.applinks-plugin:applinks-common-exported.authentication-types"]="{\"com.atlassian.applinks.api.auth.types.BasicAuthenticationProvider\":\"Basic Access\",\"com.atlassian.applinks.api.auth.types.CorsAuthenticationProvider\":\"CORS\",\"com.atlassian.applinks.api.auth.types.OAuthAuthenticationProvider\":\"OAuth\",\"com.atlassian.applinks.api.auth.types.TwoLeggedOAuthAuthenticationProvider\":\"OAuth\",\"com.atlassian.applinks.api.auth.types.TwoLeggedOAuthWithImpersonationAuthenticationProvider\":\"OAuth\"}";
WRM._unparsedData["com.atlassian.crowd.user-provisioning-vertigo-plugin:create-users-resources.isSiteAdmin"]="false";
WRM._unparsedData["jira.webresources:avatar-picker.data"]="{\"isEnabled\":true,\"url\":\"/plugins/servlet/redirectToProfile?target=edit-avatar\"}";
WRM._unparsedData["com.atlassian.jira.jira-header-plugin:dismissedFlags.flags"]="{\"dismissed\":[]}";
WRM._unparsedData["com.atlassian.servicedesk.core-ui:util-help-links.help-links"]="{\"help\":{\"sla.settings\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/setting+up+slas\",\"email.settings\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Receiving+requests+by+email\",\"servicedesk.organizations\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Setting+up+service+desk+users#Settingupservicedeskusers-manageorgsManageorganizations\",\"request.type\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/configuring+request+types+and+workflows\",\"email.setup\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Receiving+requests+by+email\",\"servicedesk.users\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Setting+up+service+desk+users\",\"managing.queues\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Setting+up+queues+for+your+team\",\"documentation.home\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Jira+Service+Desk+Cloud+documentation\",\"multi.language.portal\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Translating+your+customer+portal+and+supporting+multiple+languages\",\"default\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/\",\"portal.settings\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/best+practices+for+designing+the+customer+portal\",\"setting.up.reports\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Setting+up+service+desk+reports\",\"getting.started.agent\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Getting+started+for+service+desk+agents\",\"queues.setup\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/setting+up+queues+for+your+team\",\"request.settings.help.bubble\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Managing+access+to+your+service+desk\",\"email.settings.suitablerequest\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Receiving+requests+by+email#Receivingrequestsbyemail-suitablerequest\",\"servicedesk.software.teams\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/best+practices+for+software+teams+using+jira+service+desk\",\"create.space.help\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Serving+customers+with+a+knowledge+base#serving-customers-with-a-knowledge-base-createpermission\",\"admin.notifications.config\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Configuring+service+desk+notifications\",\"email.settings.troubleshooting\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Troubleshooting+issues+with+the+email+channel\",\"troubleshoot.requesttype\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Troubleshooting+issues+with+request+types\",\"approvals.configuration\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Configuring+JIRA+Service+Desk+approvals\",\"public.signup\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Configuring+public+signup\",\"resolve.permission.scheme.errors\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Resolving+permission+scheme+errors\",\"knowledge.base\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Serving+customers+with+a+knowledge+base\",\"getting.started\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Getting+started+with+JIRA+Service+Desk\",\"invite.customers\":\"https://confluence.atlassian.com/display/SERVICEDESKCLOUD/Managing+access+to+your+service+desk\"},\"kb\":{\"default\":\"https://confluence.atlassian.com/display/SDKB/\",\"legacytransition\":\"https://confluence.atlassian.com/display/SDKB/Replacing+legacy+automatic+transitions+with+automation+rules\",\"umtroubleshoot\":\"https://confluence.atlassian.com/display/SDKB/Troubleshooting+issues+with+service+desk+user+management\"}}";
WRM._unparsedData["com.atlassian.servicedesk.core-ui:util-base-url.base-url"]="\"https://yourinstance.atlassian.net\"";
WRM._unparsedData["com.atlassian.jira.ext.calendar:tipDataProvider.tip"]="{\"suppressTip\":false}";
WRM._unparsedData["jira.webresources:user-message-flags.adminLockout"]="{}";
WRM._unparsedData["com.atlassian.plugins.helptips.jira-help-tips:help-tip-manager.JiraHelpTipData"]="{\"anonymous\":true}";
if(window.WRM._dataArrived)window.WRM._dataArrived();</script>
<link type="text/css" rel="stylesheet" href="//d2wt7wi2i4g2f9.cloudfront.net/atl-vertigo--shard-jira-prod-us-26--2--jres.atlassian.net/s/d41d8cd98f00b204e9800998ecf8427e-CDN/o2joag/b/24/dcd81640392cf363c8ad272ea01cd50a/_/download/contextbatch/css/_super/batch.css?relative-url=true" data-wrm-key="_super" data-wrm-batch-type="context" media="all">
<link type="text/css" rel="stylesheet" href="//d2wt7wi2i4g2f9.cloudfront.net/atl-vertigo--shard-jira-prod-us-26--2--jres.atlassian.net/s/d41d8cd98f00b204e9800998ecf8427e-CDN/o2joag/b/24/b95851598883b110dbf9081a7481ce95/_/download/contextbatch/css/atl.general,jira.general,atl.global,jira.global,-_super/batch.css?agile_global_admin_condition=true&amp;is-feature-enabled=true&amp;jag=true&amp;relative-url=true" data-wrm-key="atl.general,jira.general,atl.global,jira.global,-_super" data-wrm-batch-type="context" media="all">
<script type="text/javascript" src="//d2wt7wi2i4g2f9.cloudfront.net/atl-vertigo--shard-jira-prod-us-26--2--jres.atlassian.net/s/d41d8cd98f00b204e9800998ecf8427e-CDN/o2joag/b/24/efcf8848d2519a569a9d8b26475c0d9d/_/download/contextbatch/js/_super/batch.js?locale=en-US" data-wrm-key="_super" data-wrm-batch-type="context" data-initially-rendered></script>
<script type="text/javascript" src="//d2wt7wi2i4g2f9.cloudfront.net/atl-vertigo--shard-jira-prod-us-26--2--jres.atlassian.net/s/d41d8cd98f00b204e9800998ecf8427e-CDN/o2joag/b/24/f01be4bbe13d5e00ac4739f0b0e6be92/_/download/contextbatch/js/atl.general,jira.general,atl.global,jira.global,-_super/batch.js?agile_global_admin_condition=true&amp;is-feature-enabled=true&amp;jag=true&amp;locale=en-US" data-wrm-key="atl.general,jira.general,atl.global,jira.global,-_super" data-wrm-batch-type="context" data-initially-rendered></script>
<link type="text/css" rel="stylesheet" href="//d2wt7wi2i4g2f9.cloudfront.net/yourinstance.atlassian.net/s/d41d8cd98f00b204e9800998ecf8427e-CDN/o2joag/b/24/6ee2692ebbb79f3fc813c360e69e0b89/_/download/jira-lf-contextbatch/css/jira.global.look-and-feel,-_super/batch.css?relative-url=true" data-wrm-key="jira.global.look-and-feel,-_super" data-wrm-batch-type="context" media="all">

    <meta name="application-name" content="JIRA" data-name="jira" data-version="1001.0.0-SNAPSHOT">
</head>
<body id="jira" class="aui-layout aui-style-default page-type-message"  data-version="1001.0.0-SNAPSHOT" >
    <div class="aui-page-panel"><div class="aui-page-panel-inner">
            <section class="aui-page-panel-content">
                    <header class="aui-page-header"><div class="aui-page-header-inner">
                            <div class="aui-page-header-main">
                                    <h1>Unauthorized (401)</h1>
                                </div><!-- .aui-page-header-main -->
                        </div><!-- .aui-page-header-inner --></header><!-- .aui-page-header -->
                    <div class="aui-message aui-message-warning warning">
                            <p>Encountered a <code>&quot;401 - Unauthorized&quot;</code> error while loading this page.</p>
                            <p><a href="/secure/MyJiraHome.jspa">Go to Jira home</a></p>
                        </div>
                </section><!-- .aui-page-panel-content -->
        </div><!-- .aui-page-panel-inner --></div><!-- .aui-page-panel -->
</body>
</html>
* Connection #0 to host yourinstance.atlassian.net left intact
* Closing connection 0
curl -n -X POST -H "X-Atlassian-Token: no-check" -F "file=@601mbtestfile.dat"  517.72s user 1233.28s system 99% cpu 29:17.10 total

      Workaround

      • The system has an architectural requirement that REST endpoints can complete relatively quickly, and in particular, JWT tokens are limited to 90 seconds.
      • If the file being uploaded is very large, or the user's network connection is slow (bandwidth limited), or some combination of those two conditions, then the upload can exceed the architectural limitation of 90 seconds and be rejected.
      • As a rough guide, we've observed that a 200Mbps connection (~25 MB/s) is able to reliably upload an attachment that is ~ 1 GB. But starts to take longer than 90 seconds (failing the upload) at around 1.5 GB.
      • The work-around is to use a higher-bandwidth connection OR to split large files into multiple parts.

              Assignee:
              Unassigned
              Reporter:
              Felipe Oliveira
              Votes:
              5 Vote for this issue
              Watchers:
              16 Start watching this issue

                Created:
                Updated: